Versus Market, a security-oriented darknet market, entered maintenance to diagnose and solve a potential security issue involving an IP address leak.
In an announcement posted by user /u/WilliamGibson, a Versus Market staff member, the market said there was no cause for alarm for users, although it saw fit to update them about the event.
According to the announcement (see below), the market received reports of a potential IP leak from one of Versus's middleware servers, prompting the market to shut down temporarily to probe the matter.
Announcement on Dread by a Versus Market staffer
It turned out that an individual operating as “BenedictParchezzi” discovered the IP address belonging to one of the market’s middleware servers. This discovery was made possible after the individual hit the market with a DDoS attack.
To prevent potential damage, Versus wiped and abandoned the server involved for security reasons.
Judging by the stream of user feedback and moderator responses on the topic, the announcement from Versus Market's moderator reflects a minor issue. Overall, from what some of the users wrote, the fact that the market took the step to communicate clearly about the matter was commendable, as evidenced by some of the responses below.
One user, /u/swerve, wanted to find out whether the server IP or the users’ IP had been leaked. In response, the moderator clarified that the potential security threat only affected a server that the market uses as middleware.
The moderator went on to assure the user that the matter was minor, as nothing would be traced back to Versus. According to the admin, the choice to update users was made purely for transparency reasons.
Another user, /u/FrenchTheKid, wondered about the possibility that the information contained in the server was backed up by the host. In reply, the moderator explained that the market uses full disk encryption, so that even if the host made a backup of the server, the information therein would be in encrypted form. In any case, since only a middleware server was involved, no sensitive information was leaked.
From the above questions and responses, it appears that Versus Market suffered nothing serious, although it can be inferred that this event exposed a serious OPSEC failure on their part.